Adobe Hack Was Much Worse than Previously Reported – 38 Million Accounts Affected

Remember Adobe Hack Was Much Worse than Previously Reported - 38 Million Accounts Affected Adobe earlier this month when Adobe revealed that someone had hacked the software giant’s servers and stolen info on 2.9 million customers? It turns out the leak was significantly larger - by over an order of magnitude, in fact.

Brian Krebs of Krebs on Security is now saying that the leak has impacted at least 38 million users, a group 13 times as large as previously announced. And that's not all.

Besides the hacked accounts, Krebs' sources at Adobe are saying that the hackers made off with some or all of the source code for Photoshop. This is in addition to the massive (over 40GB) amount of source code already uncovered, including source code for  Acrobat, Cold Fusion, Adobe's web app platform, and Reader.

Yes, someone made off with a copy of the source code for a PDF reading app that has grown uglier and less useful with each release. If we are lucky the hackers might be planning to release a new and improved version of the app.

Over the weekend AnonNews.org posted a 3.8 GB file online that Krebs says looks identical to the stash of stolen Adobe info he stumbled upon earlier this month. It contains more than 150 million username and hashed password pairs, raising serious questions just how many accounts were compromised.

Adobe Hack Was Much Worse than Previously Reported - 38 Million Accounts Affected Adobe

Adobe has been contacting all the customers that might have been affected with a warning and a request that passwords be changed. Pretty much everyone who has bought an ebook with Adobe DE DRM got that email, including me.

They have also offered a free year of credit monitoring for any customer whose credit card info may have been stolen. Of course, this offer is only good via Experian, which has its own history of selling consumer info to an online identity theft service.

The latest word from Adobe is that there was no sign that there has been any unauthorized activity on any Adobe ID involved in the incident. “So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users,” Adobe spokesperson Heather Edell said. “We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident—regardless of whether those users are active or not.”

The investigation is continuing, so the number of affected users could still grow.

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

1 Comment

  1. […] to worry – not until the next time that Adobe is hacked and user data is leaked to the web. 38 million users were affected the last time this happened, including ebook […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top